-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathnginx-php.conf
72 lines (68 loc) · 2.17 KB
/
nginx-php.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
server
{
listen 80;
#return 301 https://$host$request_uri;
root /var/www/html/;
index index.html index.php index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
#securrity Changes-Start
server_tokens off;
more_set_headers 'Server: Eff_You_Script_Kiddies!';
# Securty Changes-End
location ~ \.php$ {
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server
{
listen 443;
root /var/www/html;
# ssl_certificate /etc/ssl/certs/m.crt;
# ssl_certificate_key /etc/ssl/private/m.key;
# ssl on;
# ssl_session_cache builtin:1000 shared:SSL:10m;
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
# ssl_prefer_server_ciphers on;
#securrity Changes-Start
server_tokens off;
more_set_headers 'Server: Eff_You_Script_Kiddies!';
# Securty Changes-End
index index.html index.php index.htm;
location / {
try_files $uri $uri/ /index.php?$args;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html
{
root /usr/share/nginx/html;
}
location ~ \.php$
{
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}